images will be saved in your kmeleon file save(not file download) directory. in case kmeleon new install or new profile(no save directory set in kmeleon), the images will be saved in mydocuments folder

it's a false positive i assure you..sometimes happens with over zealous scanners but usually if there was a familiar name like in capture plus extension but save image binary is quickimgsave.. never heard of a trojan with that name. superantispyware is not good i think because if an autoit extension triggered an inet connection like weatherman to fetch xml, then it might be understandable why it might trigger an alert though it should have a better canner but quickimgsave doesn't initiate any connections so it's a bit weird for a false positive..anyway, you should contact the developers and tell them of that bug, it will help them address false positives.

extensions are uploaded directly from my computer to sourceforge and nothing in between intercepts to infect them so don't worry at all about any extension on kmext being malware.